Disclosure of Invention
In view of this, an object of the present application is to provide a data transmission method, a user side, an electronic device, and a readable storage medium, which can directly encrypt a data file to be uploaded at the user side and directly upload the encrypted data file, reduce the probability of data leakage during transmission and at the server side, and help to improve data security.
According to an aspect of the present application, a data transmission method is provided, which is applied to a user side, and the data transmission method includes:
determining a data file to be uploaded which needs to be uploaded to a server in the user side and file identification information corresponding to the data file to be uploaded;
determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode;
and uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server.
In some embodiments of the present application, the encryption scheme includes one of symmetric encryption and asymmetric encryption.
In some embodiments of the present application, the data file to be uploaded, which needs to be uploaded in the user side, is determined by the following steps:
acquiring target travel information of data files needing to be uploaded in a preset time interval and travel information corresponding to each data file in the preset time interval;
and determining the data file with the travel information matched with the target travel information as a data file to be uploaded, which needs to be uploaded.
In some embodiments of the present application, before the obtaining target trip information of a data file that needs to be uploaded within a preset time interval and trip information corresponding to each data file within the preset time interval, the data transmission method further includes:
acquiring a plurality of pieces of acquired data within a preset time interval and attribute information corresponding to each piece of acquired data;
dividing the collected data with the same attribute information in the plurality of pieces of collected data into the same collected data set to obtain a plurality of collected data sets;
based on the plurality of collected data sets, a plurality of data files are determined.
In some embodiments of the present application, the key parameter corresponding to the data file to be uploaded is determined by the following steps:
acquiring file attribute information corresponding to the data file to be uploaded;
and determining key parameters corresponding to the data files to be uploaded based on the file identification information, the file attribute information and a preset key parameter generation rule.
In some embodiments of the present application, the determining, based on the file identification information, the file attribute information, and a preset key parameter generation rule, a key parameter corresponding to the data file to be uploaded includes:
determining an identification parameter corresponding to the file identification information and an attribute parameter corresponding to the file attribute information based on the file identification information, the file attribute information and the preset key parameter generation rule;
and combining the identification parameters and the attribute parameters according to the preset key parameter generation rule to generate key parameters corresponding to the data file to be uploaded.
In some embodiments of the present application, after uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server, the data transmission method further includes:
receiving data receiving information fed back by the server, and detecting whether the server successfully receives the encrypted data file;
and if the server successfully receives the encrypted data file, storing the key parameter, the encryption mode and the file identification information corresponding to the encrypted data file at the user side.
In some embodiments of the present application, after the receiving data reception information fed back by the server and detecting whether the server successfully receives the encrypted data file, the data transmission method further includes:
if the server does not successfully receive the encrypted data file, determining an updated key parameter and an updated encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded based on the updated key parameter and the updated encryption mode to obtain an updated encrypted data file;
and uploading the updated encrypted data file and the file identification information to the server.
In some embodiments of the present application, after uploading an encrypted data file obtained by encryption and file identification information corresponding to the encrypted data file to the server, the data transmission method further includes:
receiving a key parameter request sent by the server, and detecting whether the key parameter request is accepted or not;
if the key parameter request is received, file identification information carried in the key parameter request is obtained;
determining an encryption mode and a key parameter corresponding to the key parameter request based on the file identification information;
and sending the encryption mode and the key parameter to the server.
In some embodiments of the application, after the sending the encryption manner and the key parameter to the server, the data transmission method further includes:
receiving feedback information of the server, and sending a data request for requesting the encrypted data file to the server after the feedback information indicates that the server does not successfully decrypt the encrypted data file;
after data corresponding to an encrypted data file is acquired, decrypting the encrypted data file by using a key parameter and an encryption mode which are sent to the server;
if the encrypted data file is not successfully decrypted, determining a key parameter and an encryption mode corresponding to the encrypted data file according to file identification information corresponding to the encrypted data file, and sending the key parameter and the encryption mode to the server.
According to another aspect of the present application, there is provided a user equipment, including:
the uploading file determining module is used for determining a data file to be uploaded which needs to be uploaded to a server in the user side and file identification information corresponding to the data file to be uploaded;
the encrypted file determining module is used for determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode;
and the encrypted file uploading module is used for uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server.
In some embodiments of the present application, the encryption scheme includes one of symmetric encryption and asymmetric encryption.
In some embodiments of the present application, the upload file determining module is configured to determine the data file to be uploaded, which needs to be uploaded, in the user side by:
acquiring target travel information of data files needing to be uploaded in a preset time interval and travel information corresponding to each data file in the preset time interval;
and determining the data file with the travel information matched with the target travel information as a data file to be uploaded, which needs to be uploaded.
In some embodiments of the present application, the user side further includes a data file determining module, where the data file determining module is configured to:
acquiring a plurality of pieces of acquired data within a preset time interval and attribute information corresponding to each piece of acquired data;
dividing the collected data with the same attribute information in the plurality of pieces of collected data into the same collected data set to obtain a plurality of collected data sets;
based on the plurality of collected data sets, a plurality of data files are determined.
In some embodiments of the present application, the encrypted file determining module is configured to determine a key parameter corresponding to the data file to be uploaded by:
acquiring file attribute information corresponding to the data file to be uploaded;
and determining key parameters corresponding to the data files to be uploaded based on the file identification information, the file attribute information and a preset key parameter generation rule.
In some embodiments of the present application, when the encrypted file determining module is configured to determine the key parameter corresponding to the data file to be uploaded based on the file identification information, the file attribute information, and a preset key parameter generation rule, the encrypted file determining module is specifically configured to:
determining an identification parameter corresponding to the file identification information and an attribute parameter corresponding to the file attribute information based on the file identification information, the file attribute information and the preset key parameter generation rule;
and combining the identification parameters and the attribute parameters according to the preset key parameter generation rule to generate key parameters corresponding to the data file to be uploaded.
In some embodiments of the present application, the user side further includes an information storage module, where the information storage module is configured to:
receiving data receiving information fed back by the server, and detecting whether the server successfully receives the encrypted data file;
and if the server successfully receives the encrypted data file, storing the key parameter, the encryption mode and the file identification information corresponding to the encrypted data file at the user side.
In some embodiments of the present application, the user side further includes an information updating module, where the information updating module is configured to:
if the server does not successfully receive the encrypted data file, determining an updated key parameter and an updated encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded based on the updated key parameter and the updated encryption mode to obtain an updated encrypted data file;
and uploading the updated encrypted data file and the file identification information to the server.
In some embodiments of the present application, the user side further includes a key parameter authorization module, where the key parameter authorization module is configured to:
receiving a key parameter request sent by the server, and detecting whether the key parameter request is accepted or not;
if the key parameter request is received, file identification information carried in the key parameter request is obtained;
determining an encryption mode and a key parameter corresponding to the key parameter request based on the file identification information;
and sending the encryption mode and the key parameter to the server.
In some embodiments of the present application, the user side further includes a key parameter verification module, where the key parameter verification module is configured to:
receiving feedback information of the server, and sending a data request for requesting the encrypted data file to the server after the feedback information indicates that the server does not successfully decrypt the encrypted data file;
after data corresponding to an encrypted data file is acquired, decrypting the encrypted data file by using a key parameter and an encryption mode which are sent to the server;
if the encrypted data file is not successfully decrypted, determining a key parameter and an encryption mode corresponding to the encrypted data file according to file identification information corresponding to the encrypted data file, and sending the key parameter and the encryption mode to the server.
An embodiment of the present application further provides an electronic device, including: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating via the bus when the electronic device is operating, the machine-readable instructions when executed by the processor performing the steps of the data transmission method as described above.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the data transmission method as described above.
The data transmission method, the user side, the electronic device and the readable storage medium provided by the embodiment of the application determine a data file to be uploaded, which needs to be uploaded to a server, in the user side and file identification information corresponding to the data file to be uploaded; determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode; and uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server.
Therefore, the data file to be uploaded is determined at the user side, the encryption mode and the key parameter corresponding to the data file are determined, the data file is encrypted to generate the encrypted data file, the encrypted data file and the file identification information corresponding to the encrypted data file are uploaded to the server, the data file to be uploaded can be directly encrypted at the user side, the encrypted data file is directly uploaded, the probability of data leakage in the transmission process and at the server side is reduced, and the data security is improved.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. Every other embodiment that can be obtained by a person skilled in the art without making creative efforts based on the embodiments of the present application falls within the protection scope of the present application.
In order to enable those skilled in the art to use the present disclosure, the following embodiments are given in conjunction with a specific application scenario, "encrypt data files to be uploaded at the user side". It will be apparent to those skilled in the art that the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the application. Although the present application is described primarily in the context of encrypting data files to be uploaded at the user side, it should be understood that this is merely one exemplary embodiment.
It should be noted that in the embodiments of the present application, the term "comprising" is used to indicate the presence of the features stated hereinafter, but does not exclude the addition of further features.
One aspect of the present application relates to a data transmission system. The system can encrypt the data file by determining the data file to be uploaded at the user side and determining the encryption mode and the key parameter corresponding to the data file to generate the encrypted data file, and uploads the encrypted data file and the file identification information corresponding to the encrypted data file to the server, so that the data file to be uploaded can be directly encrypted at the user side, the encrypted data file can be directly uploaded, the probability of data leakage in the transmission process and at the server side is reduced, and the data security is improved.
It is worth noting that, before the present application was made, data needed to be encrypted in order to ensure the security of user data. At present, the encryption modes of data are all directed to the same server, and encryption is performed by using a public key at the server side; the data is completely transparent during transmission and at the server side, so there is a risk of data leakage. How to further ensure the security of the data is a problem that needs to be solved at present.
However, the data transmission method, the user side and the readable storage medium provided by the application can directly encrypt the data file to be uploaded at the user side and directly upload the encrypted data file, thereby reducing the probability of data leakage in the transmission process and at the server side of the data, and being beneficial to improving the data security.
Fig. 1 is a schematic structural diagram of a data transmission system according to an embodiment of the present application. The data transmission system may include one or more of a server 110, a network 120, a user terminal 130, and a database 140.
In some embodiments, the server 110 may include a processor. The processor may process information and/or data related to the service request to perform one or more of the functions described herein. For example, the processor may obtain an encrypted data file from the user terminal 130. In some embodiments, a processor may include one or more processing cores (e.g., single-core processor(s) or multi-core processor(s)). Merely by way of example, a processor may include a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), an Application Specific Instruction Set Processor (ASIP), a Graphics Processing Unit (GPU), a Physical Processing Unit (PPU), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA), a Programmable Logic Device (PLD), a controller, a microcontroller unit, a Reduced Instruction Set Computer (RISC), a microprocessor, or the like, or any combination thereof.
In some embodiments, the device type corresponding to the user terminal 130 may be a mobile device, and may be a tablet computer, a laptop computer, or a built-in device in a motor vehicle, etc.
In some embodiments, a database 140 may be connected to the network 120 to communicate with one or more components in a data transmission system (e.g., server 110, client 130, etc.). One or more components in the data transmission system may access data or instructions stored in the database 140 via the network 120. In some embodiments, the database 140 may be directly connected to one or more components in the data transmission system, or the database 140 may be part of the server 110.
The data transmission method provided by the embodiment of the present application is described in detail below with reference to the content described in the data transmission system shown in fig. 1.
Referring to fig. 2, fig. 2 is a schematic flow chart of a data transmission method provided in the embodiment of the present application, where the data transmission method may be executed by one or more processors in the data transmission system, and the specific execution process includes:
S201, determining a data file to be uploaded which needs to be uploaded to a server in the user side and file identification information corresponding to the data file to be uploaded.
In the step, the data file to be uploaded to the server and the file identification information corresponding to the data file to be uploaded are determined from the user side.
The number of the data files to be uploaded can be one or more, and when the number of the data files to be uploaded is one, the data files can be approximately considered to be uploaded in real time, namely the data files are uploaded in time after the data files are generated at a user side; when the number of the data files to be uploaded is multiple, in the process of uploading the multiple data files, a batch of data files can be uploaded according to a preset time interval, or a batch of data files can be uploaded according to a preset rule.
Taking the user side as the vehicle-mounted device as an example, the vehicle-mounted device may record the audio and video of the user on the vehicle during the driving process of the vehicle, and in this case, the uploading of the data file may be performed by uploading a plurality of data files generated when one trip of the vehicle is finished.
Here, the file identification information may refer to a file name or a file number of the data file, and may also be the time at which the data file was generated. When the file identification information is a file name, the file name may include a file attribute, corresponding trip information, and the like; for the above example, the file name may be "trip A-recording". When the file identification information is a file number, each data file may be numbered according to the generation sequence of the data files, and the numbers may be distinguished according to a preset time interval; for example, the file number may be "day X-file 1". When the file identification information is the generation time of the data file, the generation time of the data file is directly used as the file identification information of the data file, such as "2019-14: 30" and the like. In this way, each data file to be uploaded can be uniquely identified by its file identification information, which facilitates subsequent searching for the corresponding data file.
S202, determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode.
In the step, key parameters and an encryption mode corresponding to the data file to be uploaded are determined, and the data file to be uploaded is encrypted through the corresponding key parameters and the encryption mode to generate an encrypted data file.
Here, the key parameter is a parameter that is input to an algorithm for converting plaintext into ciphertext or converting ciphertext into plaintext, and the encryption manner includes one of symmetric encryption and asymmetric encryption; that is, the key parameter is divided into a symmetric key parameter and an asymmetric key parameter. A cryptosystem can be classified as a symmetric cryptosystem (also called a single-key cryptosystem, a secret key parameter cryptosystem, or a symmetric key parameter cryptosystem) or an asymmetric cryptosystem (also called a double-key cryptosystem, a public key parameter cryptosystem, or an asymmetric key parameter cryptosystem) according to whether the encryption key parameter and the decryption key parameter used by the cryptographic algorithm are the same, and whether the decryption process can be derived from the encryption process (or the encryption process from the decryption process). Symmetric key parameter encryption is also called private key encryption or a session key parameter encryption algorithm; that is, the sender and the receiver of information use the same key parameter to encrypt and decrypt data. The asymmetric key parameter encryption system is also called public key parameter encryption. It uses different key parameters for the encryption and decryption operations: one is published publicly, i.e. the public key parameter, and the other is kept secret by the user, i.e. the private key parameter. The sender of the message uses the public key parameter to encrypt and the recipient of the message uses the private key parameter to decrypt. In practical applications, the two are usually used together; for example, a symmetric key parameter encryption system is used for storing a large amount of data information, and a public key parameter encryption system is used for encrypting the key parameters.
Here, for the data files to be uploaded, in order to ensure that the privacy of the data at the user side is sufficiently protected, in the embodiment of the present application, each data file to be uploaded is encrypted and then uploaded, and in other embodiments, the data files may be filtered to determine the data file to be encrypted, and only the data file to be encrypted is encrypted. The screening condition may be that a keyword is set for file identification information of the data file, and the data file is encrypted only when the corresponding keyword exists in the file identification information.
When multiple data files are uploaded in the same batch, the key parameters and the encryption modes corresponding to each data file are different, which increases the difficulty of cracking the data files and ensures that leakage of the key parameters on one occasion does not allow all the data files to be cracked.
S203, uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server.
In this step, after the encrypted data file is generated in step S202, the encrypted data file and the file identification information corresponding to the encrypted data file are uploaded to the server in a corresponding manner.
The encrypted data file is uploaded to the server for storage, so that the data storage pressure of a user side can be relieved, the encrypted data file and the corresponding file identification information are stored in the server correspondingly, and the data file is convenient to manage and search subsequently according to the file identification information.
The data transmission method provided by the embodiment of the application determines a data file to be uploaded which needs to be uploaded to a server in a user side and file identification information corresponding to the data file to be uploaded; determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode; and uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server.
Therefore, the data file to be uploaded is determined at the user side, the encryption mode and the key parameter corresponding to the data file are determined, the data file is encrypted to generate the encrypted data file, the encrypted data file and the file identification information corresponding to the encrypted data file are uploaded to the server, the data file to be uploaded can be directly encrypted at the user side, the encrypted data file is directly uploaded, the probability of data leakage in the transmission process and at the server side is reduced, and the data security is improved.
Referring to fig. 3, fig. 3 is a schematic flow chart of a data transmission method according to another embodiment of the present application, where the data transmission method may be executed by one or more processors in the data transmission system, and the specific execution process includes:
S301, determining a data file to be uploaded which needs to be uploaded to a server in the user side and file identification information corresponding to the data file to be uploaded.
S302, determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode.
S303, uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server.
S304, receiving data receiving information fed back by the server, and detecting whether the server successfully receives the encrypted data file.
In this step, the user side receives the data receiving information fed back by the server, and determines whether the server successfully receives the encrypted data file according to the feedback of the data receiving information.
Here, the encrypted data files uploaded at one time by the user side fall into two cases: one is to upload one encrypted data file at a time, and the other is to upload a plurality of encrypted data files at a time. For the case of uploading one encrypted data file at a time, after the encrypted data file is determined to be uploaded, the user side sends query information to the server for querying whether the data file has been received. For the case of uploading multiple encrypted data files at a time, the user side may select the time for sending the query information to the server, and may send the query information to the server multiple times according to a preset time interval after all the encrypted data files are uploaded. In the query process, the user side asks not only whether the server has successfully received the multiple encrypted data files, but also, where reception has failed, the file identification information of each encrypted data file that the server failed to receive.
S305, if the server successfully receives the encrypted data file, storing the key parameter, the encryption mode and the file identification information corresponding to the encrypted data file at the user side.
In this step, if the feedback information of the server indicates that the server successfully receives the encrypted data file, the user side stores the key parameter, the encryption mode, and the file identification information corresponding to the encrypted data file in the local storage of the user side, and deletes the data in the encrypted data file in order to relieve the storage pressure of the user side.
The data in the encrypted data file may be deleted in one of two ways: the data in the data file may be deleted in real time after the data file is determined to be transmitted to the server and the server successfully receives the data file; or the data in a batch of data files may be deleted in batches by setting a preset time interval.
The descriptions of S301 to S303 may refer to the descriptions of S201 to S203, and the same technical effects can be achieved, which are not described in detail.
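The S301 to S305 flow, together with the key parameter generation rule and the key parameter request described in the summary above, as an added Python sketch that is not code from the application. The device secret, the random salt, the HMAC-SHA256 derivation, the `FakeServer` stand-in and the stdlib-only encrypt-then-MAC construction (standing in for a vetted AEAD such as AES-GCM) are all assumptions of this example.

```python
import hashlib
import hmac
import secrets

MODE = "symmetric/hmac-sha256-ctr+mac"  # label recorded as the "encryption mode"


def prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def derive_key(device_secret: bytes, file_id: str, file_attr: str, salt: bytes) -> bytes:
    """Hypothetical key parameter generation rule (an assumption of this example).

    The identification and attribute parameters are length-prefixed, combined,
    and keyed with a device secret plus a random salt, so knowing the file
    name and attribute alone is not enough to recompute the key.
    """
    ident, attr = file_id.encode(), file_attr.encode()
    info = len(ident).to_bytes(2, "big") + ident + len(attr).to_bytes(2, "big") + attr
    return prf(device_secret, salt + info)


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode, truncated to n bytes.
    blocks = (prf(key, nonce + i.to_bytes(8, "big")) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, plaintext: bytes, file_id: str) -> bytes:
    """Encrypt-then-MAC; the file id is authenticated so blobs cannot be swapped."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(prf(key, b"enc"), nonce, len(plaintext))))
    aad = file_id.encode()
    tag = prf(prf(key, b"mac"), len(aad).to_bytes(2, "big") + aad + nonce + ct)
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes, file_id: str) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    aad = file_id.encode()
    expected = prf(prf(key, b"mac"), len(aad).to_bytes(2, "big") + aad + nonce + ct)
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key, wrong file id, or tampering")
    return bytes(c ^ k for c, k in zip(ct, keystream(prf(key, b"enc"), nonce, len(ct))))


class FakeServer:
    """Constructed stand-in for the server; can be told to fail the first N receptions."""

    def __init__(self, fail_first: int = 0):
        self.store = {}              # file_id -> ciphertext only, never a key
        self.fail_first = fail_first

    def receive(self, file_id: str, blob: bytes) -> bool:
        if self.fail_first > 0:
            self.fail_first -= 1
            return False             # "data receiving information": not received
        self.store[file_id] = blob
        return True


class Client:
    def __init__(self, device_secret: bytes):
        self.device_secret = device_secret
        self.key_store = {}          # file_id -> (mode, key), written only after an ack

    def upload(self, server, file_id: str, file_attr: str, data: bytes, max_attempts: int = 3) -> bool:
        for _ in range(max_attempts):
            salt = secrets.token_bytes(16)             # fresh salt: updated key on every retry
            key = derive_key(self.device_secret, file_id, file_attr, salt)   # S302
            blob = seal(key, data, file_id)
            if server.receive(file_id, blob):          # S303 + S304
                self.key_store[file_id] = (MODE, key)  # S305
                return True
        return False

    def release_key(self, file_id: str, approved: bool):
        """Key parameter request: answer with (mode, key) only if the user accepts."""
        rec = self.key_store.get(file_id)
        return rec if (approved and rec is not None) else None


if __name__ == "__main__":
    server = FakeServer(fail_first=1)                  # first reception fails, forcing a re-key
    client = Client(device_secret=secrets.token_bytes(32))
    sample = b"constructed sample: in-cabin audio bytes"
    print("uploaded:", client.upload(server, "trip A-recording", "audio", sample))
    print("refused request:", client.release_key("trip A-recording", approved=False))
    mode, key = client.release_key("trip A-recording", approved=True)
    print("server decrypts:", open_sealed(key, server.store["trip A-recording"], "trip A-recording"))
```

Because the key is recorded only after the server acknowledges receipt, a failed upload leaves no orphaned key at the user side, and each retry is encrypted under a freshly derived key.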
Further, the data files to be uploaded in the user side which need to be uploaded are determined through the following steps: acquiring target travel information of data files needing to be uploaded in a preset time interval and travel information corresponding to each data file in the preset time interval; and determining the data file with the travel information matched with the target travel information as a data file to be uploaded, which needs to be uploaded.
In the step, target travel information of a data file to be uploaded in a preset time interval is acquired, travel information corresponding to each of a plurality of data files in the preset time interval is acquired, and the data file with the travel information matched with the target travel information is determined as the data file to be uploaded.
Here, the preset time interval is set manually, and may be referred to as data file uploading frequency, and may be a day, a half day, or a time of a trip ending.
Here, the travel information refers to the data acquisition process to which a data file to be uploaded belongs. Taking as an example the case where the data recorded in the data file is recording data and video data from a vehicle driving process, the travel information may include the number, start time, end time, and the like of a trip. The target trip information refers to the data acquisition process that needs to be uploaded in the current batch; for the above embodiment, the target trip information may be a completed trip in the vehicle driving process, where a completed trip may be defined as the period from when the vehicle-mounted device on the vehicle starts to acquire data to when it finishes acquiring data.
Therefore, within a batch of uploaded data files, the travel information of every data file is the same and matches the target travel information. Data with the same travel information is uploaded in the same batch, so the data files are managed in an organized and hierarchical manner, which makes later searching of the data files convenient.
Further, before the obtaining of the target trip information of the data files to be uploaded within the preset time interval and the trip information corresponding to each data file within the preset time interval, the data transmission method further includes: acquiring a plurality of pieces of acquired data within a preset time interval and attribute information corresponding to each piece of acquired data; dividing the collected data with the same attribute information in the plurality of pieces of collected data into the same collected data set to obtain a plurality of collected data sets; based on the plurality of collected data sets, a plurality of data files are determined.
In this step, a plurality of pieces of collected data collected by the data collecting equipment within a preset time interval and the attribute information corresponding to each piece of collected data are obtained; collected data with the same attribute information is placed in the same collected data set, yielding a plurality of collected data sets, and each collected data set corresponds to one data file.
Here, the attribute information of the collected data indicates what the collected data is, and in correspondence with the above-described embodiment, the data collecting device is an in-vehicle device for collecting some data during the running of the vehicle, and at this time, the attribute information of the collected data may indicate whether the collected data is sound recording data or video image data.
Here, after the plurality of pieces of collected data are divided into the plurality of collected data sets according to the attribute information of the collected data, since the plurality of pieces of collected data collected in the preset time interval may not all have the same trip information, when the plurality of data files are generated according to the plurality of collected data sets, the trip information corresponding to the collected data is also taken into consideration. Thus, the number of collected data sets and the number of data files are not necessarily the same.
For example, suppose three pieces of collected data, collected data A, collected data B, and collected data C, are collected within a preset time interval. According to their attribute information, collected data A, collected data B, and collected data C are all recorded data, so all three belong to the recorded data set. However, the travel information shows that collected data A and collected data B belong to travel 1, while collected data C belongs to travel 2. Therefore, when the data files are generated, collected data A and collected data B belong to the data file whose file identification information is recorded-travel 1, and collected data C belongs to the data file whose file identification information is recorded-travel 2.
Further, determining a key parameter corresponding to the data file to be uploaded through the following steps: acquiring file attribute information corresponding to the data file to be uploaded; and determining key parameters corresponding to the data files to be uploaded based on the file identification information, the file attribute information and a preset key parameter generation rule.
In the step, after the data file to be uploaded is determined, file identification information and file attribute information of the data file to be uploaded are obtained; and determining key parameters corresponding to the data file to be uploaded according to the acquired file identification information and key parameter generation rules corresponding to the file attribute information.
Here, whether the batch of data files uploaded together includes one data file to be uploaded or a plurality of data files to be uploaded, a key parameter needs to be regenerated for each data file to be uploaded according to a preset key parameter generation rule, so as to improve the difficulty of deciphering the key parameter and further ensure the security of uploading the data files.
Further, the determining, based on the file identification information, the file attribute information, and a preset key parameter generation rule, a key parameter corresponding to the data file to be uploaded includes: determining an identification parameter corresponding to the file identification information and an attribute parameter corresponding to the file attribute information based on the file identification information, the file attribute information and the preset key parameter generation rule; and combining the identification parameters and the attribute parameters according to the preset key parameter generation rule to generate key parameters corresponding to the data file to be uploaded.
In this step, according to the file attribute information and the file identification information of the data file to be uploaded, the corresponding encoding parameters and encoding modes are found out in a preset key parameter generation rule, the attribute parameters corresponding to the file attribute information and the identification parameters corresponding to the file identification information are generated, and the attribute parameters and the identification parameters are combined again according to the preset key parameter generation rule to obtain the key parameters corresponding to the data file to be uploaded.
Here, in order to make the key parameters corresponding to each data file to be uploaded different, when the same set of uploaded data files includes more than one data file with the same travel information, the data files with the same attribute information need to be distinguished by their travel information; that is, the attribution parameters need to be generated according to the travel information and the preset key parameter generation rule. For example, data file X and data file Y are both sound recording files, so travel information is added to distinguish them: data file X belongs to travel 1 and data file Y belongs to travel 2. The travel information may be present in the file identification information or may be encoded separately.
Here, the embodiment of the present application takes as an example the case where there is only one data file with a given attribute information under one piece of travel information. When there is more than one data file with the same attribute information under the same piece of travel information, different parameters may be generated according to the generation time of each data file to distinguish the data files.
Here, the identification parameter and the attribute parameter may be combined according to the preset key parameter generation rule by simple combination: the order of the two parameters is determined by the rule and they are joined directly. For example, if the identification parameter is 234 and the attribute parameter is 123, and the rule places the attribute parameter first and the identification parameter after it, the generated key parameter is 123234. Alternatively, an overlapping combination may be performed according to the preset key parameter generation rule; for the above example, assuming that the attribute parameter is still first and the identification parameter is after it, and an overlapping combination is performed, the generated key parameter is 14. The generation rule for the key parameter may be adjusted according to actual requirements and is not specifically limited in this application.
Further, after step S304, the data transmission method further includes: if the server does not successfully receive the encrypted data file, determining an updated key parameter and an updated encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded based on the updated key parameter and the updated encryption mode to obtain an updated encrypted data file; and uploading the updated encrypted data file and the file identification information to the server.
In this step, if the feedback information of the server indicates that the server did not successfully receive the encrypted data file, the encrypted data file must be uploaded again: a new updated key parameter and updated encryption mode corresponding to the data file to be uploaded are determined, the data file to be uploaded is encrypted again to obtain an updated encrypted data file, and the updated encrypted data file and the corresponding file identification information are uploaded to the server again.
Here, when only one data file is uploaded in a batch, the key parameter can be updated directly for the data file whose transmission failed, the file re-encrypted to generate an updated encrypted data file, and the updated encrypted data file uploaded directly. When more than one data file is uploaded in a batch, the data receiving information of the server can be analyzed directly to obtain the file identification information of the at least one data file that failed to upload, and the corresponding data file or files are re-encrypted and then uploaded. If the data receiving information fed back by the server only indicates that the server did not successfully receive all the data files, without indicating which data files were not received, then once the data receiving information is received and the failure is determined, query information must be sent to the server to obtain the file identification information of the at least one data file that was not successfully uploaded; the corresponding data file or files are then re-encrypted and uploaded.
As for when the updated encrypted data file is uploaded: if the upload contained only one data file, the updated encrypted data file can be uploaded together with the next batch of data files to be uploaded; if the upload contained more than one data file, the at least one updated encrypted data file needs to be uploaded in real time, and it is stored in the same storage space of the server as the encrypted data files that were previously uploaded successfully.
Here, since the file identification information and the file attribute information of the re-uploaded data file are the same as those of the previously uploaded data file, in order to distinguish the two, a corresponding update parameter may also be generated from the update information according to the preset key parameter generation rule during key parameter generation, and the update parameter may be used as a component of the corresponding updated key parameter.
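The key parameter generation rule and the update parameter described above can be exercised in code. The following Python sketch is an added example, not code from the application: the rule tables, the length-prefixed encoding, the device-local secret, and the use of HKDF are assumptions of the example. It shows that the simple combination maps different parameter pairs to the same key parameter, and one way to obtain a distinct key parameter per file and per re-upload.

```python
import hashlib
import hmac
import secrets

# Constructed rule tables standing in for the "preset key parameter generation
# rule"; only the codes 123 and 234 come from the page's own example.
ATTRIBUTE_PARAMS = {"recording": "123", "video": "456"}
IDENTIFICATION_PARAMS = {"recorded-travel-1": "234", "recorded-travel-2": "235"}


def combine_simple(attribute_param: str, identification_param: str) -> str:
    """The page's simple combination: attribute parameter first, then identification."""
    return attribute_param + identification_param


def encode_fields(*fields: str) -> bytes:
    """Length-prefix every field so different field splits never encode alike."""
    out = b""
    for field in fields:
        raw = field.encode("utf-8")
        out += len(raw).to_bytes(2, "big") + raw
    return out


def hkdf_sha256(secret: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) extract-then-expand built on hmac and hashlib."""
    prk = hmac.new(salt, secret, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_key_parameter(device_secret: bytes, file_id: str, attribute: str,
                         generated_at: str = "", update_count: int = 0) -> bytes:
    """Derive a 256-bit key parameter for one data file.

    The identification and attribute parameters are looked up in the rule
    tables, as the page describes. Assumptions of this example: they are
    combined unambiguously (length-prefixed), mixed with a secret that never
    leaves the user side, and extended with the generation time and an update
    counter so that a re-upload of the same file gets a fresh key parameter.
    """
    attribute_param = ATTRIBUTE_PARAMS[attribute]
    identification_param = IDENTIFICATION_PARAMS[file_id]
    info = encode_fields(attribute_param, identification_param,
                         generated_at, str(update_count))
    return hkdf_sha256(device_secret, b"key-parameter-rule-v1", info)


if __name__ == "__main__":
    # Two different parameter pairs collapse to the same simple combination.
    print(combine_simple("123", "234"), combine_simple("1232", "34"))

    device_secret = secrets.token_bytes(32)  # stored only at the user side
    first = derive_key_parameter(device_secret, "recorded-travel-1", "recording")
    retry = derive_key_parameter(device_secret, "recorded-travel-1", "recording",
                                 update_count=1)
    print(first.hex())
    print(retry.hex())
```

Because the file identification information is uploaded alongside the encrypted data file, a key parameter built only from identification and attribute codes can be recomputed by anyone who knows the rule; the device-local secret in this sketch is what keeps the derived value confidential.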
Further, after step S303, the data transmission method further includes: receiving a key parameter request sent by the server, and detecting whether the key parameter request is accepted or not; if the key parameter request is accepted, file identification information carried in the key parameter request is obtained; determining an encryption mode and a key parameter corresponding to the key parameter request based on the file identification information; and sending the encryption mode and the key parameter to the server.
In this step, after the data file is uploaded to the server, when the server needs to read the data file, the user side receives a key parameter request sent by the server and detects whether the key parameter request is accepted. If the key parameter request is accepted, the file identification information carried in the key parameter request is obtained, and the key parameter corresponding to the file identification information is looked up in the local storage and sent to the server together with the encryption mode.
Here, whether the key parameter request is authorized may be decided as follows. Whether the user side has previously uploaded a data file to the server is determined according to the unique identification information (IP address, etc.) of the server, and the key parameter request frequency of the server within a preset time interval is also determined. If the user side has not uploaded a data file to the requesting server and/or the key parameter request frequency of the server within the preset time interval is too high, the key parameter request is considered abnormal and is not authorized; a request failure message is sent to the server and the key parameter request is rejected.
Here, the key parameter request of the server may be a request for a key parameter for only one data file, or may be a request for key parameters for a plurality of data files at the same time. When the server requests the key parameters corresponding to a plurality of data files, the user side may either upload each key parameter and encryption mode in real time as soon as they are determined from the file identification information of one data file, or upload the key parameters of all the data files named in the key parameter request together; in the latter case, each file identification information must be matched with its key parameter and encryption mode before uploading.
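The two authorization checks described above (a prior upload to the requesting server, and the request frequency within a preset time interval) can be implemented as a small user-side gate. The following Python sketch is an added example, not code from the application: the class and method names, the sliding-window counting, the reason strings, and the extra per-file check are assumptions of the example.

```python
import time
from collections import deque


class KeyRequestAuthorizer:
    """User-side gate for key parameter requests coming from a server."""

    def __init__(self, max_requests: int, window_seconds: float):
        self.max_requests = max_requests      # allowed requests per window
        self.window_seconds = window_seconds  # the "preset time interval"
        self._records = {}   # server_id -> {file_id: (encryption_mode, key_parameter)}
        self._history = {}   # server_id -> deque of request timestamps

    def record_upload(self, server_id, file_id, encryption_mode, key_parameter):
        """Store the record once the server confirms reception (step S305)."""
        self._records.setdefault(server_id, {})[file_id] = (encryption_mode, key_parameter)
        self._history.setdefault(server_id, deque())

    def handle_request(self, server_id, file_ids, now=None):
        """Return the matched records, or a rejection with its reason."""
        if now is None:
            now = time.monotonic()

        # Check 1: the user side must have uploaded to this server before.
        # Unknown servers are rejected without creating any state for them.
        if server_id not in self._records:
            return {"accepted": False, "reason": "no_upload_to_this_server"}

        # Check 2: request frequency inside the sliding window. Rejected
        # requests are counted too, so a retry storm stays rejected.
        history = self._history[server_id]
        while history and now - history[0] >= self.window_seconds:
            history.popleft()
        history.append(now)
        if len(history) > self.max_requests:
            return {"accepted": False, "reason": "request_frequency_too_high"}

        # Check 3 (assumption of this example): every requested file must
        # have been uploaded to this particular server.
        records = self._records[server_id]
        missing = [f for f in file_ids if f not in records]
        if missing:
            return {"accepted": False,
                    "reason": "file_not_uploaded_to_this_server",
                    "file_ids": missing}

        # Batch answer: each file identification stays matched with its own
        # encryption mode and key parameter.
        return {"accepted": True,
                "keys": [{"file_id": f,
                          "encryption_mode": records[f][0],
                          "key_parameter": records[f][1]} for f in file_ids]}


if __name__ == "__main__":
    # Constructed sample data: server names, file ids and keys are made up.
    gate = KeyRequestAuthorizer(max_requests=3, window_seconds=60)
    gate.record_upload("srv-A", "recorded-travel-1", "symmetric", b"\x01" * 32)
    print(gate.handle_request("srv-X", ["recorded-travel-1"], now=0))
    for t in (0, 10, 20, 30):
        print(t, gate.handle_request("srv-A", ["recorded-travel-1"], now=t)["accepted"])
```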
Further, after the sending the encryption mode and the key parameter to the server, the data transmission method further includes: receiving feedback information of the server, and sending a data request for requesting the encrypted data file to the server after the feedback information indicates that the server does not successfully decrypt the encrypted data file; after data corresponding to an encrypted data file is acquired, decrypting the encrypted data file by using a key parameter and an encryption mode which are sent to the server; if the encrypted data file is not successfully decrypted, determining a key parameter and an encryption mode corresponding to the encrypted data file according to file identification information corresponding to the encrypted data file, and sending the key parameter and the encryption mode to the server.
In this step, feedback information of the server is received, which indicates whether the server successfully decrypted the encrypted data file it needed to decrypt. If the feedback information indicates that the server did not successfully decrypt the encrypted data file, and the corresponding original data file is not stored in the local storage of the user side, a data request is sent to the server to request the data. After the encrypted data file sent by the server is obtained, it is decrypted directly using the key parameter that was sent to the server. If the decryption fails, the key parameter sent to the server was wrong; the encryption mode and the key parameter are then determined again according to the file identification information and sent to the server again.
Here, the number of data files that fail to be decrypted may be one or more. When multiple data files fail to be decrypted, they need to be checked one by one in the order in which decryption failed. If a plurality of data files fail to be decrypted at the same time, it is more likely that a problem has occurred in the decryption system of the server, and the server needs to be checked.
In the verification process, if decryption succeeds at the user side but fails at the server side, verification information needs to be sent to the server to request that the server check whether its decryption system has a fault. After the server finishes checking and the user side receives the check completion information sent by the server, the file identification information and the corresponding key parameter and encryption mode are sent to the server, and the server performs the data decryption operation again.
The data transmission method provided by the embodiment of the application determines a data file to be uploaded which needs to be uploaded to a server in a user side and file identification information corresponding to the data file to be uploaded; determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode; uploading an encrypted data file obtained by encryption and file identification information corresponding to the encrypted data file to the server; receiving data receiving information fed back by the server, and detecting whether the server successfully receives the encrypted data file; and if the server successfully receives the encrypted data file, storing the key parameter, the encryption mode and the file identification information corresponding to the encrypted data file at the user side.
Thus, a data file to be uploaded is determined at the user side, an encryption mode and a key parameter corresponding to the data file are determined, the data file is encrypted to generate an encrypted data file, and the encrypted data file and its corresponding file identification information are uploaded to the server. After the server successfully receives the encrypted data file, the file identification information, the key parameter, and the encryption mode are stored at the user side. In this way the data file to be uploaded is encrypted directly at the user side and uploaded in encrypted form, which reduces the probability of data leakage during transmission and at the server side and improves data security. Because the file identification information, the key parameter, and the encryption mode are stored at the user side, the key parameter and the encryption mode can be conveniently indexed by the file identification information, which improves search efficiency.
Referring to fig. 4 to fig. 6, fig. 4 is a first schematic structural diagram of a user terminal according to an embodiment of the present application, fig. 5 is a second schematic structural diagram of a user terminal according to an embodiment of the present application, and fig. 6 is a third schematic structural diagram of a user terminal according to an embodiment of the present application. As shown in fig. 4, the user terminal 400 includes:
The upload file determining module 410 is configured to determine a data file to be uploaded, which needs to be uploaded to the server in the user side, and file identification information corresponding to the data file to be uploaded.
The encrypted file determining module 420 is configured to determine a key parameter and an encryption manner corresponding to the data file to be uploaded, and encrypt the data file to be uploaded in the user side based on the key parameter and the encryption manner.
The encrypted file uploading module 430 is configured to upload the encrypted data file obtained through encryption and the file identification information corresponding to the encrypted data file to the server.
Further, the encryption mode includes one of symmetric encryption and asymmetric encryption.
Further, the upload file determining module 410 is configured to determine the data file to be uploaded, which needs to be uploaded, in the user side by:
acquiring target travel information of data files needing to be uploaded in a preset time interval and travel information corresponding to each data file in the preset time interval;
and determining the data file with the travel information matched with the target travel information as a data file to be uploaded, which needs to be uploaded.
Further, the encrypted file determining module 420 is configured to determine a key parameter corresponding to the data file to be uploaded by:
acquiring file attribute information corresponding to the data file to be uploaded;
and determining key parameters corresponding to the data files to be uploaded based on the file identification information, the file attribute information and a preset key parameter generation rule.
Further, when the encrypted file determining module 420 is configured to determine, based on the file identification information, the file attribute information, and a preset key parameter generation rule, a key parameter corresponding to the data file to be uploaded, the encrypted file determining module 420 is specifically configured to:
determining an identification parameter corresponding to the file identification information and an attribute parameter corresponding to the file attribute information based on the file identification information, the file attribute information and the preset key parameter generation rule;
and combining the identification parameters and the attribute parameters according to the preset key parameter generation rule to generate key parameters corresponding to the data file to be uploaded.
Further, as shown in fig. 5, the user terminal 400 further includes a data file determining module 440, where the data file determining module 440 is configured to:
acquiring a plurality of pieces of acquired data within a preset time interval and attribute information corresponding to each piece of acquired data;
dividing the collected data with the same attribute information in the plurality of pieces of collected data into the same collected data set to obtain a plurality of collected data sets;
based on the plurality of collected data sets, a plurality of data files are determined.
Further, as shown in fig. 5, the user terminal 400 further includes an information storage module 450, where the information storage module 450 is configured to:
receiving data receiving information fed back by the server, and detecting whether the server successfully receives the encrypted data file;
and if the server successfully receives the encrypted data file, storing the key parameter, the encryption mode and the file identification information corresponding to the encrypted data file at the user side.
Further, as shown in fig. 5, the user terminal 400 further includes an information updating module 460, where the information updating module 460 is configured to:
if the server does not successfully receive the encrypted data file, determining an updated key parameter and an updated encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded based on the updated key parameter and the updated encryption mode to obtain an updated encrypted data file;
and uploading the updated encrypted data file and the file identification information to the server.
Further, as shown in fig. 6, the user side further includes a key parameter authorization module 470, where the key parameter authorization module 470 is configured to:
receiving a key parameter request sent by the server, and detecting whether the key parameter request is accepted or not;
if the key parameter request is accepted, file identification information carried in the key parameter request is obtained;
determining an encryption mode and a key parameter corresponding to the key parameter request based on the file identification information;
and sending the encryption mode and the key parameter to the server.
Further, as shown in fig. 6, the user terminal 400 further includes a key parameter verification module 480, where the key parameter verification module 480 is configured to:
receiving feedback information of the server, and sending a data request for requesting the encrypted data file to the server after the feedback information indicates that the server does not successfully decrypt the encrypted data file;
after data corresponding to an encrypted data file is acquired, decrypting the encrypted data file by using a key parameter and an encryption mode which are sent to the server;
if the encrypted data file is not successfully decrypted, determining a key parameter and an encryption mode corresponding to the encrypted data file according to file identification information corresponding to the encrypted data file, and sending the key parameter and the encryption mode to the server.
The user side provided by the embodiment of the application determines the data file to be uploaded which needs to be uploaded to the server in the user side and the file identification information corresponding to the data file to be uploaded; determining a key parameter and an encryption mode corresponding to the data file to be uploaded, and encrypting the data file to be uploaded in the user side based on the key parameter and the encryption mode; and uploading the encrypted data file obtained by encryption and the file identification information corresponding to the encrypted data file to the server.
Therefore, the data file to be uploaded is determined at the user side, the encryption mode and the key parameter corresponding to the data file are determined, the data file is encrypted to generate the encrypted data file, and the encrypted data file and its corresponding file identification information are uploaded to the server. In this way the data file to be uploaded is encrypted directly at the user side and uploaded in encrypted form, which reduces the probability of data leakage during transmission and at the server side and improves data security.
Referring to fig. 7, fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure. As shown in fig. 7, the electronic device 700 includes a processor 710, a memory 720, and a bus 730.
The memory 720 stores machine-readable instructions executable by the processor 710. When the electronic device 700 runs, the processor 710 communicates with the memory 720 through the bus 730, and when the machine-readable instructions are executed by the processor 710, the steps of the data transmission method in the method embodiments shown in fig. 2 and fig. 3 may be performed.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the data transmission method in the method embodiments shown in fig. 2 and fig. 3 may be executed.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes various media capable of storing program code, such as a USB disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present application, and are used for illustrating the technical solutions of the present application, but not limiting the same, and the scope of the present application is not limited thereto, and although the present application is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope disclosed in the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the exemplary embodiments of the present application, and are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.